alpine 3.9
obsolete weakness #537

1

Weakness Breakdown


Definition:

An obsolete weakness occurs when someone uses deprecated or obsolete functions when building a system. As a programming language evolves, some functions occasionally become obsolete.

Warning code(s):

This C routine is considered obsolete.

File Name:

dahdi-tools/src/dahdi-tools-2.11.1/xpp/echo_loader.c

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.9 obsolete weakness.

 	DBG("%s: Written %d bytes\n", __func__, ret);
	if (ret > ub->max_send)
		ub->max_send = ret;
	if (ret < ub->min_send)
		ub->min_send = ret;
	ub->total_bytes += ret;
	ub->num_sends++;
	ub->curr = 0;

	sec = usb_buffer_usec(ub) / (1000 * 1000);
	if (sec > last_sec) {
		DBG("bytes/sec=%ld average len=%ld\n",
			ub->total_bytes / sec,
			ub->total_bytes / ub->num_sends);
		last_sec = sec;
	}

	/*
	 * Best result with high frequency firmware: 21 seconds
	 * Octasic statistics: packet_size=[10, 239, 510] packets=26806, bytes=6419640 usec=21127883 usec/packet=788
	 * t = 0.3 * ret - 150;
	 */
	t = oct_fw_load_timeout * ret - 150;
	if (t > 0)
		usleep(t);
	return ret;
}

static int usb_buffer_append(struct astribank *astribank, struct usb_buffer *ub,
	char *buf, int len)
{
	if (ub->curr + len >= ub->max_len) {
		AB_ERR(astribank, "%s: buffer too small ub->curr=%d, len=%d, ub->max_len=%d\n",
			__func__, ub->curr, len, ub->max_len);
		return -ENOMEM;
	}
	memcpy(ub->data + ub->curr, buf, len);
	ub->curr += len;
	return len;
}

static int usb_buffer_send(struct astribank *astribank, struct usb_buffer *ub,
	char *buf, int len, int timeout, int recv_answer)
{
	int	ret = 0;

	if (ub->curr + len >= ub->max_len) {
		ret = usb_buffer_flush(astribank, ub);
		if (ret < 0)
			return ret; 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.